Why are there innumerable certificates when I view advanced info?
These include many foreign countries' certificates eg Agencia catalina... Many say builtin
Všetky odpovede (3)
hello nealfriedberg, for an overview for what these certificates are used for please see http://en.wikipedia.org/wiki/Certificate_authority
there are strict policies for certificate authorities to come & stay on the list of included certificates: https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
The response informed me of the nature of CA's. The question is should all those CA's remain on my computer and are they trustworthy, or should those that are foreign be removed. Also are those that say "builtin" part of the Mozilla site?
The built-in root certificate make it possible to build a certificate chain that ends up with a root certificate in case you access a website via a secure HTTPS connection.
There is usually no need to disable built-in root certificate by removing their trust bits via the Edit button because Mozilla is quite restrictive about which root certificates to include and it can take more than a year to complete all the required steps.
- https://www.mozilla.org/projects/security/certs/policy/ - Mozilla CA Certificate Policy
- https://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html - Mozilla CA Certificate Maintenance Policy (Version 2.2)